1 files changed, 12 insertions, 13 deletions

diff --git a/V8Binding/v8/src/spaces-inl.h b/V8Binding/v8/src/spaces-inl.h
index 8b2eab0..da72497 100644
--- a/V8Binding/v8/src/spaces-inl.h
+++ b/V8Binding/v8/src/spaces-inl.h
@@ -103,9 +103,9 @@ void Page::ClearRSet() {
 // The address of the rset word containing the bit for this word is computed as:
 //    page_address + words * 4
 // For a 64-bit address, if it is:
-// | page address | quadwords(5) | bit offset(5) | pointer alignment (3) |
+// | page address | words(5) | bit offset(5) | pointer alignment (3) |
 // The address of the rset word containing the bit for this word is computed as:
-//    page_address + quadwords * 4 + kRSetOffset.
+//    page_address + words * 4 + kRSetOffset.
 // The rset is accessed as 32-bit words, and bit offsets in a 32-bit word,
 // even on the X64 architecture.
 
@@ -115,7 +115,7 @@ Address Page::ComputeRSetBitPosition(Address address, int offset,
 
   Page* page = Page::FromAddress(address);
   uint32_t bit_offset = ArithmeticShiftRight(page->Offset(address) + offset,
-                                             kObjectAlignmentBits);
+                                             kPointerSizeLog2);
   *bitmask = 1 << (bit_offset % kBitsPerInt);
 
   Address rset_address =
@@ -127,20 +127,19 @@ Address Page::ComputeRSetBitPosition(Address address, int offset,
 
   if (rset_address >= page->RSetEnd()) {
     // We have a large object page, and the remembered set address is actually
-    // past the end of the object.  The address of the remembered set in this
-    // case is the extra remembered set start address at the address of the
-    // end of the object:
+    // past the end of the object.
+
+    // The first part of the remembered set is still located at the start of
+    // the page, but anything after kRSetEndOffset must be relocated to after
+    // the large object, i.e. after
     //   (page->ObjectAreaStart() + object size)
-    // plus the offset of the computed remembered set address from the start
-    // of the object:
-    //   (rset_address - page->ObjectAreaStart()).
-    // Ie, we can just add the object size.
-    // In the X64 architecture, the remembered set ends before the object start,
-    // so we need to add an additional offset, from rset end to object start
+    // We do that by adding the difference between the normal RSet's end and
+    // the object's end.
     ASSERT(HeapObject::FromAddress(address)->IsFixedArray());
-    rset_address += kObjectStartOffset - kRSetEndOffset +
+    int fixedarray_length =
         FixedArray::SizeFor(Memory::int_at(page->ObjectAreaStart()
                                            + Array::kLengthOffset));
+    rset_address += kObjectStartOffset - kRSetEndOffset + fixedarray_length;
   }
   return rset_address;
 }